← Back to CVEs
CVE-2021-28952
HIGH7.8
Description
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.)
CVE Details
CVSS v3.1 Score7.8
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published3/20/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
fedoraproject:fedoralinux:linux_kernelnetapp:a250netapp:a250_firmwarenetapp:aff_500fnetapp:aff_500f_firmwarenetapp:cloud_backupnetapp:fas_500fnetapp:fas_500f_firmwarenetapp:solidfire_baseboard_management_controllernetapp:solidfire_baseboard_management_controller_firmware
Weaknesses (CWE)
CWE-120
References
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=1c668e1c0a0f74472469cd514f40c9012b324c31(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/(cve@mitre.org)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/(cve@mitre.org)
https://lore.kernel.org/alsa-devel/20210309142129.14182-2-srinivas.kandagatla%40linaro.org/(cve@mitre.org)
https://security.netapp.com/advisory/ntap-20210430-0003/(cve@mitre.org)
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=1c668e1c0a0f74472469cd514f40c9012b324c31(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/(af854a3a-2127-422b-91ae-364da2661108)
https://lore.kernel.org/alsa-devel/20210309142129.14182-2-srinivas.kandagatla%40linaro.org/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20210430-0003/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.